JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Fusion Middleware Glossary for Oracle Unified Directory 11g Release 1 (11.1.1)
search filter icon
search icon

Document Information

1.  Glossary

A

abandon operation

abstract object class

Abstract Syntax Notation One

access control

access control instruction (ACI)

access control rule

access log

account expiration

account lockout

account status notification

account usability control

ACID

add operation

alias

AND search filter

anonymous bind

ANONYMOUS SASL mechanism

approximate index

approximate search filter

ASN.1

assertion value

attribute

attribute description

attribute option

attribute syntax

attribute type

attribute usage

attribute value

attribute value assertion

audit log

authentication

authentication ID

authentication password syntax

authorization

authorization ID

authorization identity control

auxiliary object class

AVA

B

back end

backup

base64 encoding

Basic Encoding Rules

Basic Encoding Rules Overview

The BER Type

The BER Length

The BER Value

BER Encoding Examples

BER

Berkeley DB Java Edition

binary copy

bind operation

C

cancel extended operation

CDDL

certificate

certificate mapper

chaining

changelog

cn=Directory Manager

collective attribute

Common Development and Distribution License

compare operation

connection handler

connection ID

control

CRAM-MD5 SASL mechanism

crypt algorithm

D

database

database cache

debug log

delete operation

deprecated password storage scheme

dereference policy

DIGEST-MD5 SASL mechanism

directory information tree

directory manager

directory server

directory server agent

Directory Services Markup Language

distinguished name

distribution

DIT

DIT content rule

DIT structure rule

DN

DSA

DSA-specific entry

DSE

DSML

DSML gateway

duration

dynamic group

E

entry

entry cache

entry change notification control

entryDN

entry ID

entryUUID

equality index

equality search filter

error log

export

extended operation

extensible match index

extensible match search filter

EXTERNAL SASL mechanism

F

failover algorithm

false filter

G

generalized time

get effective rights control

global index

global index catalog

greater than or equal to search filter

group

GSSAPI SASL mechanism

I

ID list

id2entry database

identity mapper

idle account lockout

in-core restart

index

index entry limit

intermediate response

Internet Draft

J

Java Management Extensions

JMX

K

key manager provider

L

last login time

lastmod plug-in

LDAP assertion control

ldapcompare command

LDAP Data Interchange Format

ldapdelete command

LDAP false filter

LDAP intermediate response

LDAP message

LDAP modify DN operation

LDAP modify operation

ldapmodify command

LDAP no-op control

LDAP post-read control

LDAP pre-read control

LDAP result

LDAPS

LDAP search filter

ldapsearch command

LDAP true filter

LDAP Subentry

LDAP URL

LDIF export

LDIF import

leaf entry

less than or equal to search filter

lexico algorithm

Lightweight Directory Access Protocol

load balancing

lookthrough limit

M

MakeLDIF command

manage DSA IT control

matched DN

matched values control

matching rule

matching rule use

MD5

message

message ID

modification

modification type

modify DN operation

modify operation

monitor entry

N

name form

naming context

network group

non-leaf entry

normalized value

notice of disconnection unsolicited notification

NOT search filter

numeric algorithm

O

object class

object class type

object identifier

operation ID

operational attribute

ordering index

OR search filter

P

partition

password

password expiration

password generator

Password Modify extended operation

password policy

password policy control

password reset

password storage scheme

password validator

persistent search control

PLAIN SASL mechanism

plug-in

presence index

presence search filter

privilege

proportional algorithm

protocol data unit

protocol op

proxied authorization control

Q

quality of protection

R

real attributes only control

referential integrity

referral

relative distinguished name

replica

replication

replication repair control

request for comments

restore

result

result code

root DN

root DSE

route

S

salt

saturation algorithm

saturation alert

saturation threshold

schema

schema checking

search attributes

search base DN

search filter

search operation

search result done

search result entry

search result reference

search scope

Secure Hash Algorithm

Secure Sockets Layer

server-side sort control

simple authentication

Simple Authentication and Security Layer

simple paged results control

size limit

smart referral

StartTLS extended operation

static group

structural object class

subentry

subschema subentry

substring assertion

substring index

substring search filter

subtree

subtree delete control

supported control

supported extension

supported feature

synchronization

T

task

time limit

transaction

Transport Security Layer

true filter

trust manager provider

typesOnly flag

U

unbind operation

unindexed search

UNIX crypt algorithm

unsolicited notification

URL

user attribute

V

virtual attribute

virtual attributes only control

virtual directory

virtual list view control

virtual static group

VLV index

W

"Who Am I?" extended operation

work queue

worker thread

workflow

workflow element

writability mode

O

 

object class

An object class is a schema element that correlates an OID and a set of names with a set of required and optional attribute type.

The components of an object class definition include:

Every entry must have exactly one structural object class, and it may have zero or more auxiliary classes. The complete set of object classes in an entry define the set of attribute types that are required or allowed to be present. The structural class may also be used to link the entry with a name form, DIT content rule, and/or DIT structure rule.

The set of object classes defined in the server may be determined by retrieving the objectClasses attribute of the subschema subentry. For more information about object classes, see the Understanding Object Classes in Oracle Fusion Middleware Architecture Reference for Oracle Unified Directory document.

object class type

An object class type is used to define the category for an object class. There are three object class type values:

structural object class

A structural object class is used to define the primary type for an entry. Each entry must have exactly one structural class, and it defines the core type of object that the entry represents.

auxiliary

An auxiliary object class is used to define a characteristic of an entry. An entry may have zero or more auxiliary classes. The set of auxiliary classes that an entry may have may be controlled by a DIT content rule that is associated with the entry's structural class.

abstract

An abstract object class is not intended to be used directly in entries but should be subclassed by a structural or auxiliary class.

The inheritance model used for LDAP object classes is very similar to the inheritance model for Java classes. Just like an entry must only exactly one structural object class, a Java class must have exactly one superclass. Similarly, while an entry may have multiple auxiliary classes, a Java class may implement multiple interfaces. Finally, it is not possible to instantiate an abstract Java class, just as it is not possible to create an entry containing only an abstract object class.

object identifier

An object identifier (OID) is a string that comprises a series of integers separated by periods. It is used as a unique identifier for various types of elements in the Directory Server, including:

operation ID

An operation ID is an integer identifier that is assigned to each operation performed on a client connection. It is used primarily for logging purposes, so that it is possible to correlate a response log message with the corresponding request message.

The first operation performed on a client connection is assigned an operation ID of zero, and it is incremented by one for each additional request received on that client connection.

operational attribute

A user attribute is an attribute type with an attribute usage of directoryOperation, distributedOperation, or dSAOperation. Operational attributes are used for storing information needed for processing by the server itself or for holding any other data maintained by the server that was not explicitly provided by clients.

Operational attributes are not included in entries returned from search operations unless they are explicitly included in the list of search attributes. An explicit value of + (the plus sign) may also be included to request that all operational attributes be returned.

ordering index

An ordering index is a type of index that is used to keep track of the relative order of values for an attribute. It is very similar to an equality index except that it uses an ordering matching rule instead of an equality matching rule to normalized value the values. Ordering indexes may not be maintained for attributes that do not have a corresponding ordering matching rule.

OR search filter

An OR search filter is a type of search filter that is intended to serve as a container that holds zero or more other search filters. In order for an entry to match an OR filter, it must match at least one of the filters contained in that OR filter.

OR filters may be represented as a string by enclosing the entire filter in parentheses and placing a pipe symbol (|) just after the opening parenthesis. For example, a filter of (|(uid=john.doe)(uid=jane.doe)) represents an OR search filter that embeds the (uid=john.doe) and (uid=jane.doe) equality filters.

An OR filter that does not contain any embedded filters is called an LDAP false filter. The string representation for an LDAP false filter is (|), and LDAP false filters will never match any target entry.